wok view zerobin/stuff/zerobin.u @ rev 19294
sane-backends, scons, scrot, shell-fm, smake, soundtouch, wireless_tools: fix man or doc path
| author | Pascal Bellard <pascal.bellard@slitaz.org> |
|---|---|
| date | Wed Jul 06 16:30:34 2016 +0200 (2016-07-06) |
| parents | 0baeb3ed8570 |
| children | 7a16da2c93b9 |
line source
1 --- index.php
2 +++ index.php
3 @@ -17,6 +17,13 @@
4 $_COOKIE = array_map('stripslashes_deep', $_COOKIE);
5 }
7 +function remote_address()
8 +{
9 + // if (isset($_SERVER["HTTP_X_FORWARDED_FOR"]))
10 + // return $_SERVER["HTTP_X_FORWARDED_FOR"];
11 + return $_SERVER["REMOTE_ADDR"];
12 +}
13 +
14 // trafic_limiter : Make sure the IP address makes at most 1 request every 10 seconds.
15 // Will return false if IP address made a call less than 10 seconds ago.
16 function trafic_limiter_canPass($ip)
17 @@ -144,7 +151,7 @@
18 }
20 // Make sure last paste from the IP address was more than 10 seconds ago.
21 - if (!trafic_limiter_canPass($_SERVER['REMOTE_ADDR']))
22 + if (!trafic_limiter_canPass(remote_address()))
23 { echo json_encode(array('status'=>1,'message'=>'Please wait 10 seconds between each post.')); exit; }
25 // Make sure content is not too big.
26 @@ -216,7 +223,7 @@
27 // (We assume that if the user did not enter a nickname, he/she wants
28 // to be anonymous and we will not generate the vizhash.)
29 $vz = new vizhash16x16();
30 - $pngdata = $vz->generate($_SERVER['REMOTE_ADDR']);
31 + $pngdata = $vz->generate(remote_address());
32 if ($pngdata!='') $meta['vizhash'] = 'data:image/png;base64,'.base64_encode($pngdata);
33 // Once the avatar is generated, we do not keep the IP address, nor its hash.
34 }
35 --- js/zerobin.js
36 +++ js/zerobin.js
37 @@ -340,7 +340,13 @@
39 showStatus('Sending paste...', spin=true);
41 - var randomkey = sjcl.codec.base64.fromBits(sjcl.random.randomWords(8, 0), 0);
42 + var randomkey = (window.location.hash.length > 2) ?
43 + // force key
44 + window.location.hash.substring(1) :
45 + // Generate a random 256 bits key, encoded in base64:
46 + sjcl.codec.base64.fromBits(sjcl.random.randomWords(8,0),0);
47 + if (randomkey.charAt(randomkey.length-1) !== '=')
48 + randomkey+='='; // Add trailing = if missing.
49 var cipherdata = zeroCipher(randomkey, $('textarea#message').val());
50 var data_to_send = { data: cipherdata,
51 expire: $('select#pasteExpiration').val(),